Product
Modules
- Network Agent — network traffic monitoring
- Egress Agent — detects unauthorized Internet paths from isolated segments
- Honeypot — decoy TCP/UDP services (multi-IP support)
- Log Agent — regex monitoring for syslog and service logs
Detection flow
- Collect traffic and logs
- Detect anomalies and attack patterns
- Enrich alerts with optional PCAP
- Enrich metadata (PTR/ASN)
- Send alerts to operators
- Investigate with retained metadata
Management and operations
- Central web UI for alerts and configuration
- Alert triage, pause/snooze, and filtering by time/priority/category
- Alert forwarding via webhooks / e-mail / JSON
- Alert aggregation
- Agent management and remote updates
- Module enable/disable per environment
- Metadata dashboards and search
- Data export (manual and integration workflows)
- User management and audit log
SaaS / multisite support
Intrudect provides a SaaS software platform that can be used by resellers and larger organizations.
- Resellers can operate hosted Intrudect services for their customers
- Multi-site deployments can be isolated so each site has separate data and management scope
- Deployment model and privacy terms depend on the service operator (for example, reseller-hosted vs customer-operated)